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DETAILED ACTION 

1 . Claims 1 -20 have been examined. 

Claim Rejections - 35 USC §102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

3. Clauns 1, 3, 6, 8-1 1, 13-15, and 17-20 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Thomson Consumer Electronics, Inc. (Rohatgi et al.), European Patent 
AppHcation Publication No. EP 0 752 786 Al. 

As per claim 1, Rohatgi et al. discloses a method for sealing a computer program comprising: 

dividing the computer program into a plurality of blocks (see page 7, lines 20-21; figure 
7, step 41; determining modules from an application tagged with an index (i)); 

calculating a hash value for each of the blocks (see page 7, lines 32-33; figure 7, step 46; 
applying a hash function to the module); 

creating a hash array with the hash values of the blocks (see page 8, line 2; figure 7, step 
50; placing the have value H(M(i)) into the Directory Module); 

digitally signing the hash array to create a digital signature (see page 8, lines 5-6; figure 
7, step 51; the Directory Module is encrypted with the application provider's private key; see 
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page 8, lines 13-14; where the signing of the Directory Module is performed using the provider's 
private key); and 

grouping the computer program with the hash array and the digital signature (see page 8, 
lines 7-10; figure 1, item 1 1 ; figure 7, step 53; attaching the encrypted hash value of the 
Directory Module, the Directory Module, and the program in the memory). 

As per claim 3, Rohatgi et al. further points out: 

distributing the computer program, the hash array, and the digital signature (see page 8, 
lines 9-12; transmitting the program with the Directory Module and the encrypted hash value). 

As per claim 6, Rohatgi et al. also embodies: 

storing the computer program, the hash array, and the digital signature together (see page 
8, Unes 7-10; figure 1, item 11; figure 7, step 53; attaching the encrypted hash value of the 
Directory Module, the Directory Module, and the program together for storage in the memory). 

As per claims 8 and 18, Rohatgi et al. describes a method and computer-readable medium for 
authenticating a computer program comprising: 

verifying the authenticity of a hash value array that accompanied the computer program 
by using a digital signature of the hash value array that accompanied the computer program (see 
page 1 1, lines 37-39; figure 10, steps 124 and 126; the Directory Module is apphed to the hash 
fiinction to produce a hash fimction compared to the decrypted Directory Module hash value (i.e. 
decrypted digital signature)); 
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loading a block of the computer program (see page 1 1, lines 53-54; figure 10, step 136; 
accessing a module from memory); 

calculating a calculated hash value for the block of the computer program (see page 1 1, 
lines 53-54; figure 10, step 138; applying the module to the hash function element and hashing 

it); 

comparing the calculated hash value for the block of the computer program with an 
associated hash value for the block of the computer program from the hash value array (see page 
11, lines 54-56; figure 10, step 140; the respective hash value is compared with the 
corresponding hash value transmitted in the Directory Module); and 

generating an error if the calculated hash value for the block of the computer program 
does not match the associated hash value (see page 11, lines 55-56; figure 10, steps 150 and 152; 
if the hash values do not agree, errors are presumed generated and the module is discarded). 

As per claims 9 and 19, Rohatgi et al. further elaborates: 

calculating an array hash value for an array of hash values that accompanies the program; 
and (see page 1 1, Hnes 37-39; figure 10, step 124; the Directory Module is applied to the hash 
function to produce a hash function); and 

comparing the array hash value with the digital signature of the hash value array using a 
public key (see page 11, lines 37-39; figure 10, step 126; the Directory Module is applied to the 
hash function to produce a hash function compared to the decrypted Directory Module hash 
value; see page 11, lines 31-34; decrypting the Directory Module hash value (i.e. digital 
signature) with the public key of the application provider). / 
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As per claims 10 and 20, Rohatgi et al. then points out: 

testing the digital signature with a public key and a public key encryption function (see 
page 11, lines 3 1-34; figure 1 1, step 1244; decrypting the Directory Module hash value (i.e. 
digital signature) with the apphcation provider's public key). 

As per claim 11, Rohatgi et al. also explains: 

repeating the steps of loading, calculating, comparing, and generating as additional 
blocks of the computer program are needed for execution (see page 11, lines 53-59; figure 10, 
steps 136, 138, 140, 148; respective modules are accessed for checking for execution). 

As per claims 13-15, Rohatgi et al. moreover discusses: 

indicating an error message (see page 11, lines 35-36; figure 11, step 130; a warning is 
displayed). 

As per claim 17, Rohatgi et al. then disclose: 

swapping out the hash value array (see page 1 1 , lines 34-35; figure 1 1 , step 1241 ; the 
Directory Module is accessed fi-om memory); and 

re-verifying the authenticity of the hash value array after swapping the hash value array 
back in (see page 1 1, line 35; figure 11, step 1244; decrypting the encrypted Directory Module). 
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Claim Rejections - 35 USC §103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

5. Claims 2, 4, and 5; and 12 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Thomson Consumer Electronics, Inc. (Rohatgi et al.), European Patent Application Publication 
No. EP 0 752 786 Al as applied to claims 1 and 8, respectively, above, and further in view of 
Schneier, "Applied Cryptography, Second Edition: Protocols, Algorithms, and Source Code in 
C." 

As per claims 2 and 12, Rohatgi et al. teaches the methods of claim 1 and 8. However, 
this reference does not explicitly describe a SHA hash value. Schneier discloses SHA (see 
section 18.7, pages 442; SHA designed for use with signatures). Therefore, it would have been 
obvious to one of ordinary skill in the computer art at the time the invention was made to 
combine the methods of Rohatgi et al. with the SHA hash value of Schneier because there are no 
known cryptographic attacks against SHA and it is more secure than 128-bit hash functions (see 
section 18.7, page 445). 

As per claim 4, Rohatgi et al. then describes: 

calculating an array hash value for the hash array (see page 8, lines 5-6; the hashed value 
H(M(i)) of the Directory Module); and 
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digitally signing the array hash value (see page 8, lines 5-6; the hashed value H(M(i)) of 
the Directory Module is encrypted with the application provider's private key; see page 8, lines 
13-14; where the signing of the Directory Module is performed using the provider's private key). 

As per claim 5, Rohatgi et al. next specifies: 

creating the digital signature with a private key and a public key encryption function (see 
page 8, lines 5-6; figure 7, step 51; the Directory Module is encrypted with the appUcation 
provider's private key; see page 8, lines 13-14; where the signing of the Directory Module is 
performed using the provider's private key). 

6. Claims 7 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Thomson 
Consumer Electronics, Inc. (Rohatgi et al.), European Patent Application Publication No. EP 0 
752 786 Al as applied to claims 1 and 8, respectively, above, and further in view of Bolosky et 
al., U.S. Patent Application Publication No. US 2002/0194484 Al. 

Rohatgi et al. teaches the methods of claims 1 and 8. However, this reference does not 
explicitly describe an operating system. Bolosky et al. embodies an operating system (see t 
[0061]; figure 3, item 358; an operating system as discrete blocks; see ^ [0070]; figure 4, item 
402; hashed and encrypted with the hash value used as an encryption key). Therefore, it would 
have been obvious to one of ordinary skill in the computer art at the time the invention was made 
to combine the methods of Rohatgi et al. with the operating system of Bolosky et al. to allow a 
user to quickly access a file, verify that it is indeed the requested file, all while insuring that the 
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files are stored and accessed in a secure way that prevents access by non-authorized users (see H 
[0005]). 



Telephone Inquiry Contacts 

Any inquiry concerning this communication or earher communications from the 
examiner should be directed to Justin T. Darrow whose telephone number is (571) 272-3801, and 
whose electronic mail address isjustin.darrow@uspto.gov. The examiner can normally be 
reached Monday-Friday firom 8:30 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessfiil, the examiner's 
supervisor, Gilberto Barron, Jr., can be reached at (571) 272-3799. 

The fax nxmiber for Formal or Official faxes to Technology Center 2100 is 571-273- 
8300. In order for a formal paper transmitted by fax to be entered into the appHcation file, the 
paper and/or fax cover sheet must be signed by a representative for the applicant. Faxed formal 
papers for application file entry, such as amendments adding claims, extensions of time, and 
statutory disclaimers for which fees must be charged before entry, must be transmitted with an 
authorization to charge a deposit account to cover such fees. It is also recommended that the 
cover sheet for the fax of a formal paper have printed "OFFICIAL FAX". Formal papers 
transmitted by fax usually require three business days for entry into the application file and 
consideration by the examiner. Formal or Official faxes including amendments after final 
rejection (37 CFR 1.116) should be submitted to 571-273-8300 for expedited entry into the 
application file. It is further reconunended that the cover sheet for the fax containing an 
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amendment after final rejection have printed not only "OFFICIAL FAX" but also 
"AMENDMENT AFTER FINAL". 

Information regarding the status of an application may be obtained firom the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained fi-om either Private PAIR or Pubhc PAIR. Status information for impublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toU-fi-ee). 

Any inquiry of a general nature or relating to the status of this apphcation should be 
directed to the Group receptionist whose telephone number is (571) 272-2100. 
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JUSTIN T. DARROW 
PRIMARY EXAMINER 
TECHNOLOGY CENTER 2100 



